package yur.wedding.common.config;

import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;
import yur.wedding.xss.XssFilter;

import javax.servlet.DispatcherType;

/**
 * 过滤器 配置
 *
 * @Author: Yur
 * @Data:2021/11/8 22:48
 */
@Configuration
public class FilterConfig {

    @Bean
    public FilterRegistrationBean shiroFilterRegistration() {
        //实例设置优先级可以生效
        FilterRegistrationBean registration = new FilterRegistrationBean();
        //注册自定义过滤器
        registration.setFilter(new DelegatingFilterProxy("shiroFilter"));
        //该值缺省为false，表示生命周期由SpringApplicationContext管理，设置为true则表示由ServletContainer管理
        registration.addInitParameter("targetFilterLifecycle", "true");
        registration.setEnabled(true);

        registration.setOrder(Integer.MAX_VALUE - 1);
        //过滤所有路径
        registration.addUrlPatterns("/*");
        return registration;
    }

    @Bean
    public FilterRegistrationBean xssFilterRegistration() {



        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setDispatcherTypes(DispatcherType.REQUEST);
        //注册自定义过滤器
        registration.setFilter(new XssFilter());
        //过滤所有路径
        registration.addUrlPatterns("/*");
        //过滤器名称
        registration.setName("XssFilter");

        registration.setOrder(Integer.MAX_VALUE);
        System.out.print("拦截XSS 攻击 Filter 过滤器生效 wedding_admin -yur.wedding.common.config.FilterConfig;");
        return registration;
    }
}
